Legal
This Privacy Policy describes your privacy rights in terms of gathering, use, storing, sharing, and protecting your personal data, as well as the scope of processed Personal Data, the purposes, sources, recipients and other important aspects of data processing by registering, accessing, or using B4B Payments products, services, solutions, features, and technologies.
If you do not agree, you should stop accessing our website www.b4bpayments.com or our services immediately and refrain from further access and use. We respect the privacy of every individual who visits our website.
Last updated: 10 July 2025
This Privacy Policy applies to the following entities (hereinafter - the Company or we):
We use and process your personal data in accordance with this Privacy Policy and in compliance with the applicable legal acts such as:
When writing "you", we refer to you as a potential, existing, former client of the Company, our client's employee or other related party such as beneficial owner, authorised representatives, business partners, other associated parties or a user of our website.
We process your personal data with the following principles:
If you are a potential client, or register with us as a client, we will ask you for information about yourself. The categories of personal data that we may collect about you are as follows:
| Type of information | Personal data |
|---|---|
| Basic Personal Data | Name, surname, job title etc. |
| Identification information and other background verification data | (Your or your representative's, ultimate beneficiary owners of legal entities) name, surname, personal identity code, date of birth, social security number (SSN), address, nationality, gender, passport or ID card copy, evidence of beneficial ownership or the source of funds, number of shares held, voting rights or share capital part, title, visually scanned or photographed image of your face or image that you provide through a mobile application or camera, video and audio recordings for identification, telephone conversations to comply with client due diligence / know your client / anti-money laundering laws and collected as part of our client acceptance and ongoing monitoring procedures. |
| Financial data | Transactional data (e.g. beneficiary details, date, time, amount and currency which was used, name/IP address of sender and receiver), accounts, amount of transactions, income, location, etc. |
| Information related to legal requirements | Data resulting from enquiries made by the authorities, data that enables us to perform anti-money laundering requirements and ensure the compliance with international sanctions, including the purpose of the business relationship and whether you are a politically exposed person and other data that is required to be processed by us in order to comply with the legal obligation to know your client. |
| Contact data | Registered/actual place of residence, phone number, email address etc. |
| Special category data | Biometrical data, i.e. physical or behavioural characteristics resulting from specific technical processing used during remote identification which confirms the unique identification of a person, e.g. facial images. |
| Any other Personal Data related to you | Any other Personal Data related to you that you may provide. |
We do not process special category data related to your health, ethnicity, or religious or political beliefs unless required by law or in specific circumstances where, for example, you reveal such data while using services (e.g. in payment details).
Your personal data is processed in accordance with the purposes and legal basis indicated in the table below. The legal basis definitions are as follows:
| Purpose | Legal basis | Categories of Personal Data |
|---|---|---|
| Conclusion of the contract or for performance of measures at your request prior to the conclusion of the contract (to get to know, identify and verify our clients) | Contract performance |
|
| For the fulfilment of a contract concluded with you, including but not limited to provision of services of issuance, distribution and redemption of electronic money and provision of payment services | Contract performance |
|
| Verification of your identity, prevention of money laundering and fraud, control and reporting obligations (e.g. Know Your Customer requirements, preventing, detecting and investigating money laundering, terrorist financing and fraud, sanctions screening, risk management obligations, reporting to tax authorities, police authorities, enforcement authorities and supervisory authorities, bookkeeping regulations, other obligations related to service or product specific legislations) | Complying with legal obligations applicable to us |
|
| For remote identification of your personal identity (matching the photo image or video records of your face that you provide through a mobile app or camera with your ID document) | Complying with legal obligations applicable to us |
|
| To prevent, limit and investigate any misuse or unlawful use or disturbance of the services or to establish, exercise and defend legal claims | Legitimate interests |
|
| To ensure adequate provision of the services, the safety of information within the services, as well as to improve, develop and maintain applications, technical systems and IT infrastructure or our legitimate business interests, such as enabling us to improve and deliver a better and more personalised service | Legitimate interests |
|
| To provide an answer when you contact us through our website or other communication measures | Contract performance |
|
| Direct marketing | Your consent |
|
We collect information you provide directly to us - for example, when becoming a new client, when you access and use our website or mobile application, when you set up an account with us, or when you subscribe to our electronic publications such as newsletters.
Personal Data that we may collect from third parties:
iDenfy
In order to make your identity verification, we use the "iDenfy" solution provided by our partner Identifikaciniai projektai, UAB. The solution matches the photo image or video records of your face that you provide through a mobile app or camera with your ID document. For more information on iDenfy please read its privacy policy: www.idenfy.com/privacy-policy
iDenfy is used for comparing live photographic data or video record of yourself and your ID card/passport, to comply with legal obligations (e.g. implementation of the obligations under the Law on Money Laundering and Terrorist Financing Prevention of the Republic of Lithuania and other fraud and crime prevention purposes) and risk management obligations.
The result of the face similarity (match or mismatch) will be retained for as long as it is necessary to carry out verification and for the period required by anti-money laundering laws. Your provided data is not created, recorded and stored in a way that allows regeneration of raw data from retained information. We ensure that the checks disclosed above are a one-time user authorisation process.
Equifax
We also use the identification solution "Equifax" provided by Equifax Limited before providing our services in the UK. Equifax compares your information entered with other data sources from the UK and internationally and a decision on the authenticity of the identity is provided to you in real-time. For more information on Equifax please read its privacy policy: www.equifax.co.uk/privacy-hub
If you do not feel comfortable with these identification methods, you may contact us by email data@b4bpayments.com for alternative ways to identify yourself.
As a data subject you have the following rights in respect of Personal Data that we hold on you:
Right to access your Personal Data
You have the right to know about processing of your Personal Data as well as to have access to your Personal Data and processing. Your right to access may, however, be restricted by legislation, protection of other persons' privacy and consideration for the Company's business concept and business practices.
Right to have your Personal Data erased
At any time you can make a request for us to erase or delete all or some of your personal data, however, in certain cases we may not be able to erase all of your Personal Data, due to the fact that we need to store your Personal Data due to a contractual relationship or law.
Right to demand rectification of incorrect or incomplete Personal Data
In cases where you find out that your Personal Data is incorrect, you always have the right to request a rectification. You may do it by yourself by logging in to your account and changing the profile settings. If your Personal Data was transferred to third-party data processors, they will be notified of any editing or deletion.
Right to request restriction of processing
You shall always be able to demand that our processing of your Personal Data be restricted for a period of time, for example when you believe that Personal Data about you is inaccurate and we need to verify it, or when you object to processing based on a legitimate interest.
Right to obtain a copy of your Personal Data
You may always request a copy of your Personal Data, except in cases where the provision of such data may affect and harm the rights and freedoms of others.
Right to data portability
Transfer your Personal Data to another data controller or receive it directly in a convenient format. Applicable to Personal Data which is provided by you and which is processed by automated means on the basis of consent or on the basis of conclusion and performance of a contract.
Right to object to processing based on legitimate interests
You may always object to the processing of your Personal Data when the processing is based on a legitimate interest.
Right to withdraw your consent
You are always able to withdraw your consent to process your Personal Data when the Personal Data is being processed based on your consent. Such withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
Right not to be subjected to a decision based solely on automated processing
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Right to lodge a complaint
In cases when you believe that the processing of your Personal Data is not in compliance with GDPR or other applicable legal acts, you may submit a complaint to us or to the relevant supervisory authority.
How to exercise your rights
For complaints regarding B4B Payments services, you can contact us via email: complaints@b4bpayments.com or by ordinary mail sent to our registered address at 4th Floor, 12-18 Grosvenor Gardens, Belgravia, London, SW1W 0DH, United Kingdom. Please clearly disclose your name, surname, contact details and the relevant information.
Your requests shall be fulfilled or refusal communicated within 30 (thirty) calendar days from the date of submission, meeting our internal rules and GDPR. This timeframe may be extended for a further 30 (thirty) calendar days by giving prior notice if the request is related to a great scope of Personal Data.
For complaints regarding UAB B4B Payments Europe services: you may address the State Data Protection Inspectorate (Lithuania) - vdai.lrv.lt
For complaints regarding B4B Payments UK services: you may address the Information Commissioner's Office (ICO) - ico.org.uk/make-a-complaint
We will retain your data for a statutory period, following the principle of limitation of the length of the storage. We may use your data for as long as reasonably necessary for the limited purpose of providing our services to you. The terms of retention are as follows:
In the cases when the terms of data keeping are indicated in the legislative regulations, the legislative regulations are applied.
Your Personal Data might be stored longer if: it is necessary in order for us to defend ourselves against claims, demands or action and exercise our rights; there is a reasonable suspicion of an unlawful act that is being investigated; your Personal Data is necessary for the proper resolution of a dispute or complaint; or under other statutory grounds.
Job applicant data is retained for the period of 6-12 months once the recruitment exercise ends based on a legitimate interest to back up our decision making related to possible complaints. If we have sought your consent to keep your data on file for future job vacancies, and you have provided consent, we will keep your data for a longer period agreed on individually.
In some cases, we may use automated decision-making which refers to a decision taken solely on the basis of automated processing of your Personal Data.
Automated decision-making refers to the processing using, for example, a software code or an algorithm, which does not require human intervention.
We may use forms of automated decision making on processing your Personal Data for some services and products. You can request a manual review of the accuracy of an automated decision in case you are not satisfied with it.
We may transfer your Personal Data in accordance with the principles of confidentiality to the following categories of recipients:
Disclosures to government or regulatory bodies may include transaction data, profiling data, onboarding, identification and screening data, user interaction logs. Disclosure to a government entity or a regulatory authority shall include existing and former customers, whose data we still retain.
When disclosing to third parties which support our financial services, we use scheme rules or apply need-to-know principles. B4B Payments does not disclose personal data to non-affiliated third parties except as explained in this section.
For the purpose of providing our services we may engage third-party service providers outside the European Economic Area (EEA). The transfer of Personal Data outside the EEA may be considered as needed in order to conclude the contract between you and us and/or to fulfil the obligations under such contract; in cases indicated in laws and regulations for protection of our lawful interests; or in order to fulfil legal requirements or to realise public interest.
In all other cases where your Personal Data is transferred outside the EEA, we will take all steps to ensure that your data is treated securely and in accordance with this Privacy Policy. We will ensure that it is protected and transferred in a manner consistent with the legal requirements applicable to the Personal Data. This can be done in a number of different ways, for example:
We may transfer Personal Data to a third country by taking other measures if it ensures appropriate safeguards as indicated in the GDPR.
From time to time we may offer to distribute news and other marketing content to individuals who have asked us to do so. We will do this via mailing lists.
You always have the chance to withdraw your consent, even before receiving your first email. Where you do not object to the use of your email for marketing, you are provided with a clear, free of charge and easily realisable unsubscribe link in all emails from our mailing lists, so that you can remove your contact information at any time.
We will only contact you via your email address in the way which you have given your consent and will only send you emails on topics as described during the mailing list signup.
We will not share our mailing list subscribers with any other third party, other than as required for us to send emails to the mailing list. We will only store email addresses in our mailing list.
If you do not agree to receive marketing emails, this will not have any impact on the provision of services to you as the client.
We use cookies and other similar technologies to ensure the stable operations of our website, in order to adapt its content to your needs, to improve the features of our website and to manage advertising campaigns based on the interests of our website audience. For more information regarding cookies, please read our Cookies Policy.
The Company will take reasonable precautions to prevent the loss, misuse, accidental or unlawful destruction, modification, disclosure, unauthorised access, alteration or any other unlawful handling of information you give us. Agents or contractors of ours who have access to information which you give us in the course of providing services to B4B Payments are required to keep that information confidential and are not permitted to use it for any purpose other than to carry out the services which they are performing for B4B Payments.
The Company and any third-party service providers that may engage in the processing of Personal Data on our behalf are also contractually obligated to respect the confidentiality of the Personal Data.
B4B Payments will maintain all applicable PCI DSS requirements to the extent proportional to the cardholder data processed or transmitted on behalf of you, or to the extent that B4B Payments could impact the security of your cardholder data environment.
We regularly review this Privacy Policy and reserve the right to modify it at any time in accordance with applicable laws and regulations. Any changes and clarifications will take effect immediately upon their publication on our website. Please review this Privacy Policy from time to time to stay updated on any changes.
In accordance with the General Data Protection Regulation (GDPR), we have implemented this privacy notice to inform you, as prospective employees of our Company, of the types of data we process about you when you apply for a job.
We follow these principles to ensure that: data processing is fair, lawful and transparent; data is collected for specific, explicit and legitimate purposes; data collected is adequate, relevant and limited to what is necessary; data is kept accurate and up to date; data is not kept for longer than is necessary; data is processed in a manner that ensures appropriate security including protection against unauthorised or unlawful processing and accidental loss; and we comply with the relevant GDPR procedures for international transferring of personal data.
We keep the following types of data on prospective employees:
You provide several pieces of data to us directly during the recruitment exercise. In some cases, we will collect data about you from third parties, such as employment agencies, former employers when gathering references or credit reference agencies. Should you be successful in your job application, we will gather further information from you, for example, your bank details and next of kin details, once your employment begins.
This data is collected on the following lawful basis: (1) legal obligations under Lithuanian and UK law, (2) your consent and (3) legitimate interests of B4B Payments such as making decisions on employment, salary, benefits and other motivation, determining your suitability for the position, skill level and assessing your training needs, preventing fraud, dealing with legal claims against B4B Payments.
Some of this data is a special category of data, which is collected for the purposes of equal opportunities monitoring, meeting your specific needs for the work environment, and your eligibility for certain positions following PCI DSS requirements (criminal conviction data based on our legitimate interests).
EU and UK job applicant data is not shared outside the EU and UK. US job applicant data is not shared outside the US, EU and UK.
You may contact us by writing to us at data@b4bpayments.com or by mail to our relevant registered office address.
Our Data Protection Officer (DPO) continuously monitors our privacy compliance and communicates with us on data protection matters relevant to the provision of our services. You may contact our DPO regarding all issues relating to our company's processing of your personal data and the exercise of your data protection rights by sending an email to: data@b4bpayments.com